[CentOS] SSL vulnerabilities
Alexander Dalloz
ad+lists at uni-x.org
Wed Jul 31 15:48:53 UTC 2013
Am 31.07.2013 10:52, schrieb Anumeha Prasad:
> Hi,
>
> Following 2 vulnerabilities were detected in VA scan required for PCI
> compliance:
>
> 1. SSL Weak Cipher Suites Supported
> 2. SSL Medium Strength Cipher Suites Supported
>
> I'm using CentOS 5.8 with open ssl version "openssl-0.9.8e-22.el5_8.4". Any
> idea how to get rid of this?
>
> Thanks,
> Anumeha
You have far more security issues with your system than just providing
weak SSL ciphers, because you are not up to date. The current CentOS 5
minor release is 9 with a fair amount of additional bug and security
updates.
Update ASAP (`yum update').
Alexander
More information about the CentOS
mailing list